Device and method for centralized data management and
access control to databases in a telecommunication network

DESCRIPTION 

Field of the invention

The present invention refers to telecommunication
systems and in particular to a device and a method for
storing and controlling the access, from a plurality of
remote entities within a multimedia and/or
telecommunication service network, to a plurality of
heterogeneous databases for storing user and service
information.

In a telecommunication market which is every day more
competitive, a winning element for a service provider is
the ability to offer personalized services for final users.
Users are expecting new services and applications and, even
more important, new and user-friendly ways to access and
use the telephony, internet and multimedia services.

Background art 

In the present scenario, in which a multiplicity of
services are offered by a plurality of service/content
providers, the information relative to user, service and
terminal profiles is spread over a great number of
databases, and very often the same profile is duplicated in
two or even more distinct locations.

As an example, a user who subscribes to a telephone
service and an internet service (internet access, voice
over IP, content access) usually has different profiles
stored in different databases. In such a case the user
profile is not unique, because it is split at least into a
"telephone profile" and an "internet profile", and in
addition the distinct profiles reside on different database
servers.

A typical situation in which a single user is
associated with different profiles is shown in figure 1. Two
different services, a telephone service 2 and an internet
service 4, offer services to a single user; each service has
a proprietary database for storing user profiles. A first
database 6 is used by the telephone service 2 for storing a
telephone profile, while a second database 8 is connected
to the internet service 4 for storing an internet profile
for the same user.

In a system configuration such as the one shown in figure 1
it is not possible to assure the consistency and uniqueness
of the information relative to a single user; in fact a
user is unable to apply the same changes to both services,
for example if he wishes to redirect calls to a particular
terminal, for both traditional calls and VoIP sessions.

Therefore a change in the profile information must be
replicated independently on both databases, whether the
change is made by a user or by a network/service
administrator. Such a system is therefore not easy to use
for single users and not easy to manage for network/service
administrators.

Considering furthermore that the number of services
offered is always increasing, especially in the field of
multimedia and content delivery services, it is clear that
any increase in the number of databases used for storing
user, service or terminal profiles introduces difficulties
in managing correctly the corresponding information.

US2002/0073066 discloses a data brokerage system
for selling access to data, such as data stored in a data
warehouse used for example by retailers or financial
institutions to store transaction information, inventory
information etc. The problems addressed in US2002/0073066
are mainly the necessity to offer differentiated views over
data, to track accesses and to manage different kinds of
data.

In the system disclosed in US2002/0073066 the
management of data is assigned to a data warehouse having a
rigid structure, wherein, for example, the access
technologies are not customized for different typologies of
data and the reading interfaces allow the access to a
limited and predetermined subset of data.

The Applicant has tackled the problem of managing more
efficiently the information relative to user, service and
terminal profiles in a multimedia/telecommunication
environment. In a system in which the number of services
offered is constantly increasing and their nature changes
very frequently, the new services must be highly
personalized, both by the service provider (e.g. commercial
offer, provisioning and assurance) and by the end user
(e.g. subscription, configuration, access). To this purpose,
the integration of internet applications with other
services, such as next generation telephony, and
innovative ways of handling user, terminal and service
profiles and data within the network are very important.

The Applicant observes that, in a next generation
telecommunication network, most of the data relative to
personal profiles is replicated in a large number of
different databases. Such redundancy does not allow an end
user, as well as a service/content provider, to manage such
personal information in an efficient, secure and reliable
way.

The Applicant is of the opinion that, for a better
data management, most of the personal profiles needed in a
multimedia/telecommunication network must be managed by a
logically centralized management system. The personal
profiles can anyway belong to different administrative
domains.

In view of the above, it is an object of the invention
to provide a device and a method for centrally managing
personal profiles, assuring at the same time a high level
of security as regards the access control to the databases
containing such profiles in a telecommunication network.

Summary of the invention

According to the invention that object is achieved by
means of a logically centralized system for managing the
access, from remote entities within a telecommunication
network supporting Voice over IP, multimedia and internet
services, to heterogeneous profiles stored in both local or
distributed databases. The access to the databases
containing user, service or terminal profiles is controlled
and tracked; a plurality of personalized access
technologies are present which are dependent on the
typology of the data involved. Such scheme allows a better
control of the data access, more efficiency in the security
and accounting processes, as well as in the data access in
general. Moreover, in the system realized according to the
invention, the external visibility of the profiles is
personalized towards the typology of the request made by
the remote entities and their privileges.

Brief description of the drawings

The invention will now be described, by way of example
only, with reference to the annexed figures of drawing,
wherein:

Fig. 1 is a block diagram of a prior art profile
access management system;

Fig. 2 is a schematic view of services interacting
with a profile access mediator realized according to the
present invention;

Fig. 3 is a detailed block diagram of a profile access
mediator realized according to the present invention; and

Fig. 4 is a diagram showing the interaction between
different layers of a profile access mediator during a
profile access operation.

Detailed description of a preferred embodiment of the
invention

With reference to the block diagram of figure 2, a
profile access mediator 10, realized according to the
invention, provides to a plurality of service providers 16,
18, 20 a controlled and logically centralized access to
personal profiles.

As shown in figure 2, a plurality of services,
hereinafter referred to as "remote entities", for example a
Voice over IP (VoIP) service 16, an Internet service 18 and
a Multimedia service 20, interact with a single profile
access mediator 10 for accessing various profiles logically
centralized in a single directory server 12. All the
accesses to the directory server 12 are handled by a
plurality of interfaces, represented in the figure by block
14, whose architecture will be disclosed in detail
hereinafter with reference to figure 3.

The single profile access mediator 10 manages in a
flexible way the information related to users, terminals
and services, information globally referred to as
"profiles", migrating them from service-specific network
distributed databases to logically centralized
repositories.

The use of logically centralized repositories enables
the information consistency by having a unique repository,
modified and read by different entities at any time. The
profile access mediator 10 is a mediation device both for
the access technology to the data (LDAP, RDBMS, XMLDB,
etc.) and for administrative purposes (scalability,
security, accountability, etc).

The block diagram of figure 3 is a detailed scheme of
a profile access mediator 10 realized according to the
invention, including a first plurality of databases 44, 46,
48 and a set of interfaces, referenced globally as 14, for
managing and centrally controlling the access, from any of
the remote entities 16, 18, 20 to the first plurality of
databases 44, 46, 48 and to a second plurality of databases
50 external to the profile access mediator 10.

The first plurality of databases comprises User,
Service and Terminal Profile Databases 44, containing
personal information characterizing profiles of single
users, information characterizing the configuration of
services for different users, and the terminals used in the
network by the users, Multimedia Accounting Databases 46
containing accounting information for multimedia services
and Internet Accounting Databases 48 containing accounting
information for Internet Services.

The second plurality of databases 50, situated in a
logically or physically remote location relatively to
profile access mediator 10, are capable of storing, for
example, service profiles for services provided by third
party service providers or information regarding user
location for mobile services.

The set of interfaces 14 comprises two main blocks, a
plurality of adapters 26 and a data provider 24.

The adapters 26 include a plurality of different
adapters toward internal 44, 46, 48 and external databases
50, each adapter being able to manage a corresponding
typology of database. Each adapter is customized for a
particular typology of database, so that each access
operation can be performed independently from the
particular technology of a single database.

In figure 3 are represented three particular adapters,
an LDAP adapter 38, an RDBMS adapter 40 and an XMLDBs adapter
42, nevertheless the number and nature of the adapters can
vary and depends on the different typologies of the
corresponding databases that the system has to manage.

The LDAP adapter 38 is developed for reading and
writing profiles via LDAP protocol on Directory Server, for
managing repositories that are particularly efficient in
frequent accesses to small quantities of data.

The RDBMS adapter 40 is developed for managing Session
Detail Records related to multimedia sessions.

The XMLDBs adapter 42 is developed for interfacing new
generation XML databases for managing Session Detail
Records related to internet sessions.

The data provider 24 is the block exposing access
services to data (API) by means of remote interfaces, and
includes the following basic blocks:

- a plurality of application interfaces 28 (API)
toward remote entities, each application interface being
able to manage different mechanisms for accessing
databases;

- an Authentication unit 52;

- an Authorization unit 37;

- an Accounting/Security unit 36;

- a Security Policy Repository 64 hosting information
about security policies;

- an Activity Log 62 hosting information about access
tracking.

The application interfaces 28 (API) are the interfaces
contacted by the remote entities 16, 18, 20 (client
applications) for obtaining available services; the API can
be classified in trusted application interfaces 30, in case
the access is requested by authorized applications, and
untrusted application interfaces 32, in case the access is
requested by unknown applications.

The application interfaces 28 allow the access to
databases 44, 46, 48 and 50 in read mode, write mode for
entering new information, write mode for modifying existing
information, write mode for deleting information and search
mode.

The access to the application interfaces 28 (API)
depends on a plurality of authorizations contained in an
XML descriptor which allows or denies the use of the
interfaces to the remote entities requesting access.

The application interfaces API 28 can be classified
in:

- read/search, concerning reading operations of data;
the safety rules defined a priori influence the use of this
kind of API from different users.

- write, concerning writing operations of data; the
safety rules defined a priori influence the use of this
kind of API from different users.

- creation of profiles, concerning writing operations
of data; the safety rules defined a priori influence the
use of this kind of API from different users, usually only
the System Administrators are qualified for recalling such
interfaces.

- cancellation, concerning writing operations of data;
the safety rules defined a priori influence the use of this
kind of API from different users, in particular cases only
the System Administrators are qualified for recalling such
interfaces (e.g. cancellation of profiles).

The Authentication unit 52 is in charge of recognizing
the remote entities. The authentication functionalities are
provided by the run-time environment.

The authorization unit 37 is in charge of authorizing
the remote entities to use the adapters 26, by means of
the verification of the essential requirements and the
management of a corresponding authorization to use. The
basic authorization functionalities are provided by the
run-time environment, while extensions are needed towards
more granular authorization mechanisms.

The Accounting unit 36 is in charge of tracking the
accesses to internal 44, 46, 48 and external databases 50,
by means of the registration, for each access, of
information related to the identity of the remote entity
that made the access, to the access times and to the data
exchanged during the access; the information collected by
the accounting unit 36 is useful for enforcing billing
models.

The profile access mediator 10 comprises therefore two
software layers 24 and 26 that allow to de-couple the
application interfaces (API) and the interaction
functionalities with data repositories, and offer a very
good flexibility in interaction with different typologies
of repositories.

The main functions of the profile access mediator 10
are:

- Authentication, for identification of the remote
entity connected to the mediator. This functionality uses
the Java Authentication and Authorization Service (JAAS).

- Authorization, for allowing or denying the use of
specific available interfaces; the authorization is
declarative and programmatic and is expressed by a file
descriptor (XML descriptor) for the access policies to
APIs.

- Profile Reading, for partial or whole reading of a
profile corresponding to one of the considered entities
(user/terminal/service); the reading is made according to a
method present in the adapter, with the assistance of the
Java Naming and Directory Interface (JNDI) libraries
implementing the LDAP protocol for accessing Directory
Servers. If the profile is to be read on a RDBMS, the
method sends an SQL query to the server by means of the
database implemented according to Java Data Base
Connectivity (JDBC) specifics.

- Profile Creation or Deletion; the procedure is the
same previously described for the "Profile Read" function;

- Profile Modification; the procedure is the same
previously described for the "Profile Read" function;

- Search by keywords; if the search is made on a
Directory Server, the method in charge of this operation
arranges the search filter and calls the suitable JNDI
method for directory query; if the search is made on RDBMS,
the method charged with this operation receives the values
needed for arranging the filter and passes it, as a
parameter, to a ODBC method for the search on a relational
database.
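An added illustration, not part of the original document, of arranging the keyword search filter so that caller-supplied keywords remain data on both back ends. It is written in Python with sqlite3 standing in for the relational database; the attribute names, the session_detail table and its columns are assumptions made for the example.

```python
import sqlite3

# RFC 4515: characters that must be written as \XX inside a filter value.
LDAP_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
# Hypothetical allow-lists: attribute and column names are never taken
# from the request without being checked against these sets.
LDAP_ATTRIBUTES = {"uid", "cn", "sn"}
SDR_COLUMNS = {"caller_id", "called_id", "terminal_id"}


def escape_ldap_value(value):
    """Escape filter metacharacters so the keyword is matched literally."""
    return "".join(LDAP_ESCAPES.get(ch, ch) for ch in value)


def build_ldap_filter(criteria):
    """Build a substring AND-filter from {attribute: keyword}."""
    if not criteria:
        raise ValueError("empty search")
    parts = []
    for attr in sorted(criteria):
        if attr not in LDAP_ATTRIBUTES:
            raise ValueError("attribute not searchable: " + attr)
        parts.append("(%s=*%s*)" % (attr, escape_ldap_value(criteria[attr])))
    return parts[0] if len(parts) == 1 else "(&" + "".join(parts) + ")"


def search_sessions(conn, column, keyword):
    """Substring search on Session Detail Records with a bound parameter."""
    if column not in SDR_COLUMNS:
        raise ValueError("column not searchable: " + column)
    # LIKE wildcards inside the keyword are escaped so they match literally.
    literal = keyword.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = ("SELECT caller_id, called_id FROM session_detail "
           "WHERE " + column + " LIKE ? ESCAPE '\\' ORDER BY caller_id")
    return conn.execute(sql, ("%" + literal + "%",)).fetchall()


def sample_db():
    """Constructed sample records for the example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE session_detail "
                 "(caller_id TEXT, called_id TEXT, terminal_id TEXT)")
    conn.executemany("INSERT INTO session_detail VALUES (?, ?, ?)",
                     [("alice", "bob", "ipphone-1"),
                      ("carol", "alice", "softphone-7")])
    return conn


if __name__ == "__main__":
    print(build_ldap_filter({"cn": "Ros*", "sn": "Rossi"}))
    db = sample_db()
    print(search_sessions(db, "caller_id", "ali"))
    print(search_sessions(db, "caller_id", "%"))
```
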

The profiles managed by the access mediator 10 are,
for example:

- User Profiles, containing personal information such
as:

> personal data (name, surname, date of birth,
etc.) and personal account data (user-id, password,
personal identifier);

> personalization of the service environment,
containing the list of the user terminals, the last IP
terminal used by the user, the list of last called
numbers and the list of subscribed services with
corresponding utilization counters to trace the number
of service accesses

- Service Profiles; every user is able to modify the
personal profile relative to any subscribed service as
regards its right to use.

- Terminal Profiles, defining logically and physically
each terminal recognized by the system as belonging to the
domain; such profiles comprise two distinct branches
separately stored in the Directory Server, general
terminals and network connected terminals:

> the general terminals branch contains the
information relative to different types of hardware and
software devices, according to technical (e.g. IP Phone
having specific codecs) and product characteristics
(specific model of a manufacturer);

> the network connected terminals branch stores
the information characterizing "logically" the device, as
for example, the IP address for a IP Phone and a
descriptive string.

- Session Detail Records, defining the tracing of the
multimedia sessions coming from and towards the user; they
contain information such as start/end date/time of the
session, caller and called ID, terminals ID, QoS
information.

The profile access mediator 10 operates according to a
method comprising the following steps:

- receiving an access request from any of the remote
entities 16, 18, 20;

- authenticating the remote entity by means of the
identification of the remote entity requesting the access;

- providing a logically centralized access to the
databases for storing personal profiles by means of a
plurality of application interfaces 28 suitable for
managing different mechanisms for accessing databases and
by means of a plurality of adapters 26 toward the
databases, each adapter being able to manage a
corresponding typology of database;

- tracking the access by means of the registration of
information related to the identity of the remote entity
that effected the access, the access time and the data
exchanged during access.

Preferably, the step of authenticating the remote
entity comprises authorizing the remote entity by means of
the verification of essential requirements and the
management of a corresponding authorization to use.

The profile access mediator 10 can be implemented as a
computer program comprising computer program code means
adapted to perform all the steps of the method above
disclosed, when said program is run on a computer. The
computer program is embodied on a computer readable medium.

The block diagram of figure 4 shows an example of
interaction between different layers of a profile access
mediator during a profile access operation. In particular
the diagram refers to a reading request, performed by a
user, of the latest called numbers.

The following operations correspond to the references
<1> to <12> shown in figure 4:

<1> The Data Provider 24 of the Profile Access
Mediator receives, from a client application, a reading
request of a portion of a user profile, that is a method of
a specific BOB is recalled;

<2> The Data Provider 24 verifies if the entity
requesting the access is authorized, contacting the
Security Policy Repository 64;

<3> The Data Provider 24 receives from the Security
Policy Repository 64 the answer to previous request;

<4> The Data Provider 24 performs additional
authorization tasks and records into the Activity Log 62
the accounting information;

<5> The interface side of the Adapter layer 26
receives the reading request from the Data Provider 24 and
determines to which DAO class (Direct Access Object) the
request is to be forwarded;

<6> The interface side with the data source of the
Adapter layer 26 receives the reading request and forwards
it, by means of the JNDI libraries, to the Directory
Server;

<7> The Directory Server 12 receives and processes the
request;

<8>, <9>, <10> The data are forwarded to the client
application that made the request, going back through
layers up to the client application.

<11> The Data Provider 24 records into Activity Log 62
the normal or abnormal termination of the request;

<12> The data are forwarded to the client application 
that made the request, going back through layers up to the 
client application. 
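The request path described above (authentication, authorization against the XML descriptor, adapter dispatch and activity logging), as an added Python illustration that is not part of the original document. The descriptor schema, entity names, shared secrets and the in-memory adapter are assumptions made for the example; the page itself relies on JAAS and JNDI in a Java run-time.

```python
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed descriptor: element and attribute names are assumptions,
# the page only says the authorizations are held in an XML descriptor.
POLICY_XML = """<access-policy>
  <entity id="voip-service" role="service"><allow api="read"/><allow api="write"/></entity>
  <entity id="provisioning" role="administrator"><allow api="read"/><allow api="create"/></entity>
  <entity id="partner-portal" role="service"><allow api="read"/><allow api="create"/></entity>
</access-policy>"""
ADMIN_ONLY = {"create", "delete"}  # the page reserves these for administrators


def load_policy(xml_text):
    """Security Policy Repository (64): entity id -> (role, allowed APIs)."""
    root = ET.fromstring(xml_text)
    return {e.get("id"): (e.get("role"), {a.get("api") for a in e.findall("allow")})
            for e in root.findall("entity")}


class DirectoryAdapter:
    """In-memory stand-in for the LDAP adapter (38) and Directory Server (12)."""

    def __init__(self, profiles):
        self.profiles = profiles

    def execute(self, api, profile_id, attribute, value=None):
        if api == "read":
            return self.profiles[profile_id][attribute]
        if api == "write":
            self.profiles[profile_id][attribute] = value
            return value
        if api == "create":
            self.profiles.setdefault(profile_id, {})[attribute] = value
            return value
        raise NotImplementedError(api)


class ProfileAccessMediator:
    def __init__(self, policy, secrets, adapters):
        self.policy, self.secrets, self.adapters = policy, secrets, adapters
        self.activity_log = []  # Activity Log (62)

    def track(self, entity, api, target, outcome, size=0):
        # Records who, when, what and how much; the values themselves are
        # not copied into the log (a choice made for this example).
        self.activity_log.append({
            "entity": entity, "api": api, "target": target, "outcome": outcome,
            "size": size, "time": datetime.now(timezone.utc).isoformat()})

    def handle(self, entity, secret, api, store, profile_id, attribute, value=None):
        target = "%s:%s:%s" % (store, profile_id, attribute)
        # Authentication (52): a shared secret stands in for the run-time login.
        expected = self.secrets.get(entity)
        if expected is None or not hmac.compare_digest(expected, secret):
            self.track(entity, api, target, "denied:authentication")
            raise PermissionError("authentication failed")
        # Authorization (37): denied unless the descriptor grants this API.
        role, allowed = self.policy.get(entity, (None, set()))
        if api not in allowed or (api in ADMIN_ONLY and role != "administrator"):
            self.track(entity, api, target, "denied:authorization")
            raise PermissionError("not authorized for " + api)
        self.track(entity, api, target, "authorized")
        # Adapter layer (26): select the adapter for the target store.
        try:
            result = self.adapters[store].execute(api, profile_id, attribute, value)
        except Exception as exc:
            self.track(entity, api, target, "abnormal:" + type(exc).__name__)
            raise
        self.track(entity, api, target, "normal", len(repr(result)))
        return result


def demo():
    """Run constructed requests; returns (read result, denied APIs, log outcomes)."""
    store = DirectoryAdapter({"alice": {"lastCalledNumbers": ["555-0101", "555-0102"]}})
    secrets = {"voip-service": "voip-key", "partner-portal": "partner-key"}
    pam = ProfileAccessMediator(load_policy(POLICY_XML), secrets, {"directory": store})
    numbers = pam.handle("voip-service", "voip-key", "read",
                         "directory", "alice", "lastCalledNumbers")
    denied = []
    for entity, secret, api in [("partner-portal", "partner-key", "create"),  # admin-only
                                ("voip-service", "wrong-key", "read"),        # bad secret
                                ("voip-service", "voip-key", "delete")]:      # not granted
        try:
            pam.handle(entity, secret, api, "directory", "alice", "lastCalledNumbers")
        except PermissionError:
            denied.append(api)
    return numbers, denied, [entry["outcome"] for entry in pam.activity_log]
```

Every request leaves at least one log entry, including the refused ones, so the activity log can be used to review denied and abnormally terminated accesses as well as successful ones.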
1. A device (10) for storing personal profiles and for
controlling the access, from a plurality of remote entities
(16, 18, 20) within a telecommunication network supporting
a plurality of services, to databases storing said personal
profiles, characterised in that said device (10) comprises
a first plurality of databases (44, 46, 48) and interfaces
(24, 26) for managing and centrally controlling the access,
from any of said remote entities (16, 18, 20), to said
first plurality of databases (44, 46, 48) and to a second
plurality of databases (50), said interfaces (24, 26)
comprising:

- a plurality of adapters (26) toward said first (44, 46,
48) and second (50) plurality of databases, each adapter
being able to manage a corresponding typology of database;

- a plurality of application interfaces (28) toward said 
plurality of remote entities (16, 18, 20) able to manage 
different mechanisms for accessing databases; 

- an authentication unit (52), for identification of said
remote entities;

- an authorization unit (37) for authorizing said remote
entities (16, 18, 20) to use said adapters (26), by means
of the verification of essential requirements and the
management of a corresponding authorization to use;

- an accounting unit (36) for tracking the accesses to said
first (44, 46, 48) and second (50) plurality of databases.

2. A device according to claim 1, wherein said
accounting unit (36) tracks the accesses to said first (44,
46, 48) and second (50) plurality of databases by means of
the registration, for each access, of information related
to the identity of the remote entity that made the access,
to the access times and to the data exchanged during
access.

3. A device according to claim 1, wherein said plurality
of services comprises Voice over IP or multimedia or
internet services.

4. A device according to claim 1, wherein said adapters
(26) allow the access to said first and second plurality of
databases independently from the particular technology of
the database.

5. A device according to claim 1, wherein the access to
said application interfaces (28) depends on a plurality of
authorizations contained in an XML descriptor.

6. A device according to claim 1, wherein said interfaces
(24, 26) allow the access to said first (44, 46, 48) and
second (50) plurality of databases by means of trusted
application interfaces (30), in case the access is
requested by authorized applications, and by means of
untrusted application interfaces (32), in case the access
is requested by unknown applications.

7. A device according to claim 6, wherein said interfaces
(24, 26) allow the access to said first (44, 46, 48) and
second (50) plurality of databases in a read mode.

8. A device according to claim 6, wherein said interfaces 
(24, 26) allow the access to said first (44, 46, 48) and 
second (50) plurality of databases in a write mode for 
entering new information. 

9. A device according to claim 6, wherein said interfaces
(24, 26) allow the access to said first (44, 46, 48) and
second (50) plurality of databases in a write mode for
modifying existing information.

10. A device according to claim 6, wherein said interfaces
(24, 26) allow the access to said first (44, 46, 48) and
second (50) plurality of databases in a search mode.

11. A device according to claim 1, wherein said first
plurality of databases (44, 46, 48) contain information
characterising a user in terms of user profile.

12. A device according to claim 11, wherein said user
profile comprises identity, personal data, preferences,
subscribed services and used terminals.

13. A device according to claim 1, wherein said first
plurality of databases (44, 46, 48) contain information
characterising a service in terms of service profile.

14. A device according to claim 13, wherein said service
profile comprises information characterising the
configuration of services for different users.

15. A device according to claim 1, wherein said first
plurality of databases (44, 46, 48) contain information
characterising the terminals used in said multimedia and/or
telecommunication service network.

16. A device according to claim 15, wherein said
information characterising the terminals are stored into a
generic terminal profile database, containing information
relative to static characteristics of terminals, and into a
network terminal profile database, containing information
relative to dynamic characteristics of terminals.

17. A telecommunication network comprising a device for
storing personal profiles and for controlling the access,
from a plurality of remote entities, to databases storing
said personal profiles, characterized in that said device
(10) is realized according to any of claims 1 to 16.

18. A method of providing the access to databases for
storing personal profiles, to a plurality of remote
entities (16, 18, 20) within a telecommunication network
supporting Voice over IP and/or multimedia and/or internet
services, and for controlling said access, characterised in
that it comprises the following steps:

- receiving an access request from any of said remote
entities (16, 18, 20);

- authenticating said remote entity by means of the
identification of the remote entity requesting the access;

- providing a logically centralized access to said
databases for storing personal profiles by means of a
plurality of application interfaces (28) suitable for
managing different mechanisms for accessing databases and
by means of a plurality of adapters (26) toward said
databases, each adapter being able to manage a
corresponding typology of database;

- tracking said access by means of the registration of
information related to the identity of the remote entity
that effected the access.

19. A method as claimed in claim 18, wherein said step of
tracking said access comprises collecting information about
the access time and the data exchanged during access.

20. A method as claimed in claim 18, wherein said step of
authenticating said remote entity comprises authorizing
said remote entity by means of the verification of
essential requirements and the management of a
corresponding authorization to use.

21. A computer program comprising computer program code
means adapted to perform all the steps of any of claims 17
to 19 when said program is run on a computer.

22. A computer program as claimed in claim 21 embodied on
a computer readable medium.